The tool works by automatically notifying users when they visit a recently-compromised site. The user can then click on the alert to visit the Firefox Monitor site, where they can check if their personal details were caught up in the leak.

The alerts appear only once per site, and only show for sites that have been compromised in the previous twelve months. Furthermore, users who find the alerts to be intrusive can turn them off entirely.